
Post on 08-Oct-2020


  • Organized Fraud:

    What You Should Know About Chargebacks, Gold Farming & Account Takeovers

    Arthur Chu Fraud & Investigation Manager - Nexon America

  • Content Slide

    ● Gold Farming

    ● The Golden Triangle Of Fraud

    ● Mechanic Of Fraud

    ● How Credit Card Fraud Can Damage A Company

    ● Working With Publishers

    ● Evolution Of Gold Farmers & Sellers

    ● Account Takeover

    ● Trends in Account Takeover in Gaming

    ● Consumer Education is Important

    ● Are You Really Safe?

    ● Technology

    ● Some Account Takeover Detection

    ● Safe Practices

  • How We Normally Picture Gold Farmers

  • The Darker Side Of Gold Farming & Selling

  • Prisoners Were Used To Farm Gold Since 2004 And Possibly Earlier

    • Cheap Labor – Free

    • Huge Incentive To Succeed

    "If I couldn't complete my work quota, they would punish me physically. They would make me stand with my hands raised in the air and after I returned to my dormitory they would beat me with plastic pipes. We kept playing until we could barely see things," 1

    1 http://www.guardian.co.uk/world/2011/may/25/china-prisoners-internet-gaming-scam


  • Gold Selling Site

  • Stolen Credit Cards Are Cheap

  • The Golden Triangle Of Gaming Fraud

    Domestic ISP Hosting Providers

  • Their Roles In The Gaming Space

    ● European Fraud Rings

    o Steal Credit Card Info

    ● Chinese Gold Sellers

    o Use Stolen Credit Cards

    ● Domestic ISP Hosting Providers

    o Services Them All

  • Mechanics of Fraud

    ● If your game has any systems that place value on assets in the game AND make them liquid, you are at risk

    ● Fraudsters need to be able to take or make assets and sell them

    ● Liquidity allows assets to take on a value

    ● Trade or Gifting

  • How Can Credit Card Fraud Damage A Company

    Business Case Study:

    A free-to-play game company is evaluating the impact of chargebacks on its net profit. The company is a $25 million a year business with margins of 21.82% because it has an average chargeback rate of 5% a month and is considered a high-risk merchant by the Visa/Mastercard association. As a result, the chargeback fee increases to $100 per incident, and Visa/Mastercard also imposes a set monthly fee. What would happen if the rate increased further to 10% or was reduced to 3%? I've also included a sample of what the business's profit margin would be if it had under 1% chargebacks and was not in the Visa/Mastercard association's high-risk program.

  • Chargeback At 5%

  • Chargeback Impact To Revenue At 10%

  • Comparison When Reduced To 3%

  • Under 1% Chargeback: What Is The Difference In 2%?

  • Working with Publishers

    I Work With A Publisher, They Handle All That Stuff. Why Should I Care About Chargeback?

    ● Facebook, Apple, Steam, and MMO publishers like Nexon

    ● Or, my payments provider guarantees against chargeback

    ● If the game generates high fraud activity, any company would shut you down from payments, which means no money

    ● There are certain mechanics or items in a game that you just cannot change but that cause a lot of fraud

    ● Nexon uses a prepaid option to still monetize and take the chargeback risk out

  • What Is Prepaid & How Does It Help?

  • Gifting

    [Diagram: Wish List; Player A, Player B; "Buys A's Wish List Items"; Cash Shop; Player C, Player D]

  • Evolution Of Gold Farmer & Seller

    Gold Farming With Manual Labor

    Gold Farming With Bots

    Credit Card Fraud

    Account Takeover

  • Account Take-Over

    Account takeover is one of the more prevalent forms of identity theft. It occurs when a fraudster obtains an individual's personal information (account number and social security number usually suffice), and changes the official mailing address with that individual's financial institution (FI). Once accomplished, the fraudster has established a window of opportunity in which transactions are conducted without the victim's knowledge.

    Account takeover is becoming increasingly prominent and is a growing point of financial exposure for Financial Institutes, businesses, and consumers. Reducing exposure is best accomplished through a combined approach of Process, Consumer Education, and Technology.

    Fraud Alert Involving Unauthorized Wire Transfers To China 26 April 2011

    The FBI has observed a trend in which cyber criminals — using the compromised online banking credentials of U.S. businesses — sent unauthorized wire transfers to Chinese economic and trade companies located near the Russian border. Between March 2010 and April 2011, the FBI identified twenty incidents in which the online banking credentials of small-to-medium sized U.S. businesses were compromised and used to initiate wire transfers to Chinese economic and trade companies. As of April 2011, the total attempted fraud amounts to approximately $20 million; the actual victim losses are $11 million.

    1 http://www.bankersonline.com/vendor_guru/pps/pps_takeover.html

    2 http://www.ic3.gov/media/2011/ChinaWireTransferFraudAlert.pdf (Internet Crime Complaint Center)


  • Financial Related Attack Dissected By FBI & FS-ISAC

    http://www.fsisac.com/files/public/db/p265.pdf Financial Services Information Sharing and Analysis Center


  • Recent Trend Of Account Take Over In Gaming

    1. Breach Occurs, Industry or Non-Industry Related

    2. Information Scripted to Access Financial and Gaming Sites

    3. Consumer is Target of Spear Phishing and Becomes a Victim

    4. Consumer Falls Victim to Spear Phishing and Installs Malware

    5. Target Friends or Associates of Victim

    Fan Sites or Gaming Related Sites are Constant Targets for Invasion. Some are More Susceptible than Others. There are Also Non-Gaming Related Companies that Were Breached that May Have Caused Some Damages.

    Fraudsters Use This Information to Run Login Scripts Against the Associated Game, if There is One, but They Will Also Run the Script Against All Major Games and Financial Sites.

    Consumer Gets Spear Phished. Spear Phishing is When a Victim Receives an Email Targeted to Specific Sites Based on the Victim’s History or a Compromised Friend’s Email.

    Consumer Unknowingly Installs Malware after Constant Phishing Attacks; the Malware Can Not Only Log Keystrokes but Also Adapt to Anti-Virus Detection.

    Friends or Associates of the Victim Receive Spear Phishing Emails that Might Say, ‘Look at My Vacation Pictures!’ Gamers are Extremely Social Online.
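
    Added example, not part of the original slides: one way a game operator could flag the scripted logins described in step 2, by counting distinct accounts and failed attempts per source IP inside a short time window. The log format, thresholds, and function name are assumptions, and the sample events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample login events: (timestamp, source IP, account, success).
# 203.0.113.7 replays a breached credential list; 198.51.100.4 is one player
# mistyping a password. Format and values are assumptions for illustration.
SAMPLE_EVENTS = [
    ("2011-06-01T10:00:00", "198.51.100.4", "maple_fan", False),
    ("2011-06-01T10:00:20", "198.51.100.4", "maple_fan", True),
] + [
    (f"2011-06-01T10:01:{i:02d}", "203.0.113.7", f"user{i:03d}", i % 10 == 0)
    for i in range(30)
]


def flag_scripted_logins(events, window=timedelta(minutes=5),
                         min_accounts=20, min_fail_ratio=0.8):
    """Return {ip: (distinct_accounts, fail_ratio, hit_accounts)} for sources
    that try many different accounts, mostly failing, inside one window."""
    by_ip = defaultdict(list)
    for ts, ip, account, ok in events:
        by_ip[ip].append((datetime.fromisoformat(ts), account, ok))

    flagged = {}
    for ip, rows in by_ip.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            # Slide the window so it never spans more than `window` of time.
            while rows[end][0] - rows[start][0] > window:
                start += 1
            chunk = rows[start:end + 1]
            accounts = {a for _, a, _ in chunk}
            fails = sum(1 for _, _, ok in chunk if not ok)
            ratio = fails / len(chunk)
            if len(accounts) >= min_accounts and ratio >= min_fail_ratio:
                # Accounts that logged in successfully from a flagged source
                # are likely taken over and need a forced password reset.
                hits = sorted(a for _, a, ok in rows if ok)
                flagged[ip] = (len(accounts), round(ratio, 2), hits)
                break
    return flagged


if __name__ == "__main__":
    for ip, (n, ratio, hits) in flag_scripted_logins(SAMPLE_EVENTS).items():
        print(ip, n, ratio, hits)
```

    The successful logins returned for a flagged source are the accounts to lock and reset first, since the reused password from the breach worked on them.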

  • Consumer Education Is Important

    ● Companies Will Never Ask For Password – They Have It!

    ● Do Not Respond To Or Open Attachments Or Click On Links In E-mails.

    ● Be Careful Of Free Apps Or Games For Smart Phones. Smartphone Users Were About A Third More Likely To Become Victims Than Non-users (Based On Javelin Strategy & Research)

    ● Do Not Post Private Information (Birthdates, Or At Least Omit Year Of Birth, Home Address, Etc.) On Public Social Sites

    ● Be Wary Of Pop-up Messages Claiming Your Machine Is Infected And Offering Software To Scan And Fix The Problem, As It Could Actually Be Malicious Software That Allows The Fraudster To Remotely Access And Control Your Computer.

    ● Do Not Use Public Internet Access Points (e.g., Internet Cafes, Public Wi-Fi Hotspots (Airports, Etc.)) To Access Accounts Or Personal Information. If Using Such An Access Point, Employ A Virtual Private Network (VPN).

  • Consumer Education Part II

    ● Keep Operating Systems, Browsers, And All Other Software & Hardware Up-to-date.

    ● Keep Up-to-date On The Continuous Cyber Threats That Occur.

    ● As Recommended By Microsoft For Users More Concerned About Security, Many Variants Of Malware Can Be Defeated

    By Using Simple Configuration Settings Li